As we head into the new year, I’ve been pondering ways Apple could improve macOS and iOS deployments in my school. Back in October, I wrote about the fact that Google was soon to be adding an LDAP feature to its G-Suite product. At the time, we didn’t know how the pricing would end up for K–12, but in the weeks since, we’ve learned that it’s free. In case you aren’t aware of what LDAP is, it’s a way for applications to lookup to another directory for populating user accounts in another. It keeps IT departments (and users) from maintaining multiple user buckets.

How does this impact Apple? Well, they’ve taken a different approach when it comes to populating data. For K–12 districts, they’ve started offering student information system (SIS) sync. They only support a few at this time, though. While Apple’s approach is a modern take on this problem (LDAP is legacy technology), I don’t think they’ve gotten all the way there yet.

About Making The Grade: Every Saturday, Bradley Chambers publishes a new article about Apple in education. He has been managing Apple devices in an education environment since 2009. Through his experience deploying and managing 100s of Macs and 100s of iPads, Bradley will highlight ways in which Apple’s products work at scale, stories from the trenches of IT management, and ways Apple could improve its products for students.

It’s clear that Apple is not going to be building a G-Suite or Office 365 competitor anytime soon, but I do think they have room to ease data management burdens for IT departments, which will help sell more Macs, iPads, and iPhones in return. As an IT person, ease of deployment and management is one of the things I heavily consider when looking at new device types.

Enable G-Suite and Office 365 Single Sign-On

While companies like JAMF are building solutions to help with on-boarding, I think Apple could improve these even further by offering out of the box automated set up with Google and Microsoft’s identity solutions.

What I’d like to see is a web portal to create managed Apple IDs based on my G-Suite directory. When users get new devices, they will log in to G-Suite on the first screen using their corporate email login. The device would set up automatically (logging you in to the email app, downloading/logging into corporate apps, etc.), and it would also log you into iCloud and enable backups.

While it seems like pigs might be flying to see G-Suite and Microsoft logins during the macOS and iOS set up experience, for corporate deployments, these services are where all things begin.

Enable Identity Sync with Apple School Manager

While this has been rumored (and leaked on an Australian Apple IT page for a few hours), allowing the sync with G-Suite and Office 365 with managed Apple IDs through Apple School/Business Manager would make Apple’s products even easier to deploy. Right now, Apple School Manager is limited to syncing to a couple of Student Information Systems, but the fact remains that G-Suite and Office 365 are still the primary profiles that are built first for students and staff. So even if it can sync with an SIS, enterprises are left out in the cold.

These managed Apple IDs could be used to purchase apps from the Mac App Store, sign into services like iCloud Drive Desktop and Document (perhaps with additional control for retention policies), and more. An iCloud account is essential to a great macOS and iOS experience, and making it easier to create/manage them would go a long way.

Enable Dual iCloud Login

Everything on iOS is heavily tied to iCloud, which is excellent for personal accounts. For employees who are using iOS in the business environment, it can become difficult to keep personal data and corporate data separate.

I can imagine a system where IT managers, from the MDM console, can dictate what pre-loaded apps store data in a personal iCloud vs. a work iCloud/managed Apple ID. This feature could even extend to iMessage/eSim cards as well. I could see where iMessages sent to a personal Apple device have a set of policies vs. a corporate one (deletion protocols, etc.). I’ll likely expand on this idea in a future article as I think there is a lot of opportunity for Apple here.

What do you think? Are there additional areas where Apple could make it easier to manage and deploy macOS and iOS? Let’s discuss in the comments.